Not only would Stevens not be the chairman of the Senate Committee on Commerce, Science and Transportation in the new (111th) Congress, he hasn't been since early 2007. After the 2006 elections, when the Democrats took over the Senate, Daniel Inouye (D-HI) took over that chair, and presumably will continue to hold it through the 111th Congress since his party remains in power. Stevens is currently not even the ranking minority member of the committee; that title is held by Kay Bailey Hutchison (R-TX). He does still have a seat on the committee, though. AFAIK that seat will be taken over by another Republican senator, not by Begich. Begich could get appointed to one of the committee's majority seats, but as a freshman senator he's not likely to get anything very juicy.
Whether or not Inouye, Hutchison or Begich "understands something about the Net," I do not know. But in any case, that sentence in the story was certainly irrelevant, just an excuse to get in a cheap "series of tubes" dig.
Okay, so maybe the US government and Halliburton are checking up on Vista users, but that's benign compared to the folks after us FreeBSD users. I whois'ed some of my port scan logs and found McGraw Hill, The Washington Post, the BBC, and Ikea. Now that is one terrifying conspiracy. Eisenhower was right when he warned us of the dangers of the media-Swedish furniture complex.
Seriously, though. Worms and botnets are endemic and every organization has boxes probing the internet without their knowledge. Doesn't mean they're out to get you.
I always hated people who would whine about Slashdot story selection, but come on, editors, use a little discretion. You're just helping spread paranoid stupidity.
Yeah! There's all sorts of things like that. Check out the Morro Bay (CA) Power Plant. Go ahead, I'll wait.
Don't you think that's an awfully suspiciously located patch of fog? Clearly this is proof that not only is Google covering up "sensitive" images, but that the government's secret Weather Control Division is involved as well.
Hold on a minute, I think I hear a black helicopter outside...
I have here a copy of a book entitled "The Inventions of Daedalus", which reprints the column of the same name by David E. H. Jones from New Scientist magazine. This column would propose unusual inventions, generally based upon sound scientific principles and seeming entirely reasonable except for their total absurdity. Previous proposals include a scheme for slaughter-free meat production by harvesting reptile tails which then regenerate; a weapon called "Shattergas" causing sudden and catastrophic corrosion of militarily important metals and plastics; and an addictive birth control pill which the user would never forget to take.
Anyway, it includes a column dated May 25, 1978 entitled "The Desert Waterer" in which "Daedalus" proposes just such a device, whereby moisture is collected from the air by means of a hygroscopic liquid. The water can then be extruded through a semi-permeable membrane if the liquid is under sufficient pressure. This can be accomplished simply by placing the liquid in a tall column; moisture enters at the top and the hydrostatic pressure at the bottom allows recovery. Daedalus then considers some convenient liquids for the purpose. Sulfuric acid is readily available in industrial quantities but would need a column 2400 meters high, which is somewhat awkward. Invert sugar syrup has a higher molecular weight and would require a column merely 720 meters high, as well as being nontoxic, and even edible in case of an emergency. Best of all, he says, is a product called "Carbowax", for which a column of only 50 meters would suffice.
The firm in charge of this present project has a suspiciously similar name, so perhaps they have just created a better Carbowax.
Daedalus, in the book, cites a number of cases where an invention from the column has become the subject of serious research. So this is just one more example...
Code is not executed from the heap (data segment), unless you explicitly point the instruction pointer there. This is actually pretty difficult to do. To do it in a standard program run, you would have to write self modifying code. To force a program that otherwise *wouldn't* execute code from the heap, you would first need to corrupt the stack and adjust the return pointer to the pointer at your instruction buffer. But if you can't corrupt the stack, you're still just wasting your time.
There are other ways. For instance, some malloc() implementations store their own data near the allocated blocks. These often have things like linked lists. By twiddling the pointers just so, you can get an arbitrary value written to an arbitrary address when, say, free() is called on the block. If you write to the return address on the stack, or a function pointer elsewhere in the program (and in the presence of dynamic linking, every function is called via a function pointer), and replace it with a pointer to your shellcode within the heap, you win. No self-modifying code required.
Moreover, with techniques like return into libc, you don't even need to be able to execute any of your own code. So a non-executable heap is not a panacea either.
So it is often entirely feasible to exploit a "simple" heap overflow. Admittedly, it takes a little more work than a stack overflow, but you can bet that somewhere in the world there's a hacker clever enough.
The moral is that it is hard to prove that a bug is not exploitable. Any time you can alter the state of the program, there can be indirect opportunities to alter it further. Don't get too confident as to where those opportunities end.
That's right. I just got a new Opteron and have been playing with it. The architecture manual says that addresses can be up to 52 bits wide (4 petabytes), but specific implementations may support only smaller addresses, which can be queried using CPUID EAX=0x80000008. Mine says that virtual addresses are limited to 48 bits (256 TB) and physical addresses to 40 bits (1 TB). Of course the OS and in particular the motherboard may have further constraints.
I used to think so, but I have found one very nice flash application. Major League Baseball has a flash app called "Gameday" which provides instant play-by-play of any baseball game. You can get the same thing as text from other sites, but their graphical thing is nice: you can see the game situation at a glance, click on players to find stats, even see the location of each pitch. There are some ads, but they're fairly unobtrusive. It's a very nice alternative to TV and radio which I find distracting if I'm trying to do something else. Since I use this on a regular basis, I have flash turned on now.
Of course, there are plenty of annoying uses of flash. But luckily Firefox's adblock plugin can block them selectively.
Matter of definition, I guess. Consider the graph G of all TCP/IP hosts, with edges between pairs which are able to reach each other. Perhaps you consider "the Internet" to be the entire graph G. I think most people would disagree: one or two hosts only able to talk among themselves are not "on the Internet" in any reasonable sense. Under normal conditions G has a single connected component H which is much bigger than all others; I would say that H is "the Internet". This is still the case at the moment; the Internet in Pakistan is a small subgraph of the Internet as a whole. So I think it is reasonable to only consider those hosts remaning in the largest component to be the Internet, and then Pakistan is not in that component.
Nope. But what is suprising is the CIA,
NSA, and the Pentagon are not blurred or masked. You'd think those would also be of interest. The Capitol and Congressional office building are blurred, but the Supreme Court is not. Looks like one branch of the government is getting the shaft.
I'm curious. What does the eID actually do? Does it actually have cryptographic smarts in it, or is it just the same old data from the old ID, only designed in such a way as to be read out electronically? Does it require authentication (from you or the interrogator) before divulging?
A smart card which contained a private key and could generate signatures would be outstanding. It would severely reduce fraud and "identity theft". I hate the fact that the current US standard way of proving your identity is to use your Social Security number. I'm sure there are hundreds of people who *legitimately* know mine (landlords, bank, government and university employees, etc) and any of them could take out credit in my name if they decided to turn evil.
nothing can be created by something less perfect than it is. something [known as i] exists therefor something perfect exists, [by induction]. you start the argument with not-god, and you end with god.
Well, you can't quite use induction, because the chain of increasingly perfect things between i and god may not be finite. So even if you can always find something more perfect, you may not ever reach the most perfect element in a finite number of steps. Moreover, it is not the case that, given any pair of things, one of them created the other. So the axiom (if a created b, then a is more perfect than b) doesn't give us that "more perfect than" is a total ordering, only a partial ordering. So there isn't necessarily a single chain to follow.
However, we can still get the conclusion if we're willing to assume a little more. Suppose that any set of things which is totally ordered under "more perfect than" (i.e. given any pair of elements, one is known to be more perfect than the other) has a "most perfect" element. This seems like a reasonable assumption: when you do have a chain of things which created one another, it is plausible that one may have (indirectly) created all the others. In this case, we can apply Zorn's lemma (equivalent to the axiom of choice). Now the set of all things has a most perfect element, which we may call god.
So the axiom of choice implies the existence of God!
For future research: prove the converse. Then the axiom of choice will be equivalent to the existence of God. That should add a little excitement to the dry field of set theory. It will also reduce the mathematical question of whether to accept the axiom to the corresponding theological question, and vice versa, so you can answer both at once.
Your other argument has a little problem, though. : "god is the collection of ideas, motivations and actions of those who believe in it". Presumably God believes in God, and has an idea of God, and therefore God is contained in Itself. When you allow sets to contain themselves, you run straight into Russell's paradox (consider the set of all sets not containing themselves: does it contain itself?) There's a reason why the Z-F axioms of set theory forbid this. So that's probably not a good definition for God. It also doesn't imply uniqueness. (If distinct sets of people believe in distinct Gods, then such distinct Gods will exist. And some of them, perhaps even all, may be quite small).
But notice he needs 32Ah at 240V. Your battery is presumably at 12V; you will need 240/12*32=640 Ah of capacity. So 6 of those batteries, in parallel. Perhaps more to compensate for inefficiencies in the inverter.
It's not new. Years ago, when prescribed antibiotics, I was advised to eat yogurt. Yogurt, of course (real yogurt, not that sugary slime sold by Dannon et al) is full of beneficial live bacteria, which is supposed to help replace the intestinal bacteria killed by the antibiotics. This in turn was supposed to help avoid some of the intestinal side effects of antibiotics, such as diarrhea.
Now, I don't know whether the bacteria in yogurt actually help replace those in the gut, or whether yogurt contains enough bacteria to make a difference. But at least the idea was there.
Going to the police wouldn't do anything as they would be more concerned with catching murderers and rapists than returning somebody's momentos.
I disagree. Sure, they probably won't try very hard (or at all) to track down the person who lost it. However, they should at least keep it. Then when the person discovers they lost it, they could call the police and get it back. After all, the police are (as someone else posted) the people who are supposed to take charge of such items, so if the owner wants it back, the police are who they should call.
Now people have the potential to create hydrogen on a vast scale far away from any place that might have political fallout.
And how is this different from creating electricty on a vast scale far away from any place that might have political fallout? We can run electric transmission lines probably as easily as hydrogen pipelines, but that hasn't solved the issues (political and otherwise) with nuclear power. The problems are bigger than location.
There is one thing I always wonder that nobody ever mentions. Nuclear (fission) power usually starts with uranium, right? Just how much uranium do we have? If we were to generate all the US's electricity by fission, how long would our uranium supplies last? When domestic supplies run low, or become hard to extract, we'll have to import (causing economic and political problems -- where will be the Middle East of uranium? who will get to be in OUEC?) and/or raise energy prices again. And when the whole world runs low, well, either we figure out something new (if we're lucky) or we start fighting wars over what's left.
Like fossil fuels, it's still an exhaustible resource. The only question is, when will it be exhausted?
Slashdot Mirror
Not only would Stevens not be the chairman of the Senate Committee on Commerce, Science and Transportation in the new (111th) Congress, he hasn't been since early 2007. After the 2006 elections, when the Democrats took over the Senate, Daniel Inouye (D-HI) took over that chair, and presumably will continue to hold it through the 111th Congress since his party remains in power. Stevens is currently not even the ranking minority member of the committee; that title is held by Kay Bailey Hutchison (R-TX). He does still have a seat on the committee, though. AFAIK that seat will be taken over by another Republican senator, not by Begich. Begich could get appointed to one of the committee's majority seats, but as a freshman senator he's not likely to get anything very juicy.
Whether or not Inouye, Hutchison or Begich "understands something about the Net," I do not know. But in any case, that sentence in the story was certainly irrelevant, just an excuse to get in a cheap "series of tubes" dig.
Okay, so maybe the US government and Halliburton are checking up on Vista users, but that's benign compared to the folks after us FreeBSD users. I whois'ed some of my port scan logs and found McGraw Hill, The Washington Post, the BBC, and Ikea. Now that is one terrifying conspiracy. Eisenhower was right when he warned us of the dangers of the media-Swedish furniture complex.
Seriously, though. Worms and botnets are endemic and every organization has boxes probing the internet without their knowledge. Doesn't mean they're out to get you.
I always hated people who would whine about Slashdot story selection, but come on, editors, use a little discretion. You're just helping spread paranoid stupidity.
The site where the video is posted is annoying and crappy. Here is a torrent for the video. http://www.mininova.org/get/756266.
Yeah! There's all sorts of things like that. Check out the Morro Bay (CA) Power Plant. Go ahead, I'll wait.
Don't you think that's an awfully suspiciously located patch of fog? Clearly this is proof that not only is Google covering up "sensitive" images, but that the government's secret Weather Control Division is involved as well.
Hold on a minute, I think I hear a black helicopter outside...
I have here a copy of a book entitled "The Inventions of Daedalus", which reprints the column of the same name by David E. H. Jones from New Scientist magazine. This column would propose unusual inventions, generally based upon sound scientific principles and seeming entirely reasonable except for their total absurdity. Previous proposals include a scheme for slaughter-free meat production by harvesting reptile tails which then regenerate; a weapon called "Shattergas" causing sudden and catastrophic corrosion of militarily important metals and plastics; and an addictive birth control pill which the user would never forget to take.
Anyway, it includes a column dated May 25, 1978 entitled "The Desert Waterer" in which "Daedalus" proposes just such a device, whereby moisture is collected from the air by means of a hygroscopic liquid. The water can then be extruded through a semi-permeable membrane if the liquid is under sufficient pressure. This can be accomplished simply by placing the liquid in a tall column; moisture enters at the top and the hydrostatic pressure at the bottom allows recovery. Daedalus then considers some convenient liquids for the purpose. Sulfuric acid is readily available in industrial quantities but would need a column 2400 meters high, which is somewhat awkward. Invert sugar syrup has a higher molecular weight and would require a column merely 720 meters high, as well as being nontoxic, and even edible in case of an emergency. Best of all, he says, is a product called "Carbowax", for which a column of only 50 meters would suffice.
The firm in charge of this present project has a suspiciously similar name, so perhaps they have just created a better Carbowax.
Daedalus, in the book, cites a number of cases where an invention from the column has become the subject of serious research. So this is just one more example...
There are other ways. For instance, some malloc() implementations store their own data near the allocated blocks. These often have things like linked lists. By twiddling the pointers just so, you can get an arbitrary value written to an arbitrary address when, say, free() is called on the block. If you write to the return address on the stack, or a function pointer elsewhere in the program (and in the presence of dynamic linking, every function is called via a function pointer), and replace it with a pointer to your shellcode within the heap, you win. No self-modifying code required.
Moreover, with techniques like return into libc, you don't even need to be able to execute any of your own code. So a non-executable heap is not a panacea either.
So it is often entirely feasible to exploit a "simple" heap overflow. Admittedly, it takes a little more work than a stack overflow, but you can bet that somewhere in the world there's a hacker clever enough.
The moral is that it is hard to prove that a bug is not exploitable. Any time you can alter the state of the program, there can be indirect opportunities to alter it further. Don't get too confident as to where those opportunities end.
That's right. I just got a new Opteron and have been playing with it. The architecture manual says that addresses can be up to 52 bits wide (4 petabytes), but specific implementations may support only smaller addresses, which can be queried using CPUID EAX=0x80000008. Mine says that virtual addresses are limited to 48 bits (256 TB) and physical addresses to 40 bits (1 TB). Of course the OS and in particular the motherboard may have further constraints.
Of course, there are plenty of annoying uses of flash. But luckily Firefox's adblock plugin can block them selectively.
Matter of definition, I guess. Consider the graph G of all TCP/IP hosts, with edges between pairs which are able to reach each other. Perhaps you consider "the Internet" to be the entire graph G. I think most people would disagree: one or two hosts only able to talk among themselves are not "on the Internet" in any reasonable sense. Under normal conditions G has a single connected component H which is much bigger than all others; I would say that H is "the Internet". This is still the case at the moment; the Internet in Pakistan is a small subgraph of the Internet as a whole. So I think it is reasonable to only consider those hosts remaning in the largest component to be the Internet, and then Pakistan is not in that component.
Nope. But what is suprising is the CIA, NSA, and the Pentagon are not blurred or masked. You'd think those would also be of interest. The Capitol and Congressional office building are blurred, but the Supreme Court is not. Looks like one branch of the government is getting the shaft.
Yeah, it's a total hoax. Just there to scare the naive. Cute, but kind of d
I'll send him the $200. It's a cashier's check, drawn on the First Bank of Nigeria.
No, better yet, I'll make the check for $10,000 and he can just wire back the difference. Much simpler that way.
I'm curious. What does the eID actually do? Does it actually have cryptographic smarts in it, or is it just the same old data from the old ID, only designed in such a way as to be read out electronically? Does it require authentication (from you or the interrogator) before divulging?
A smart card which contained a private key and could generate signatures would be outstanding. It would severely reduce fraud and "identity theft". I hate the fact that the current US standard way of proving your identity is to use your Social Security number. I'm sure there are hundreds of people who *legitimately* know mine (landlords, bank, government and university employees, etc) and any of them could take out credit in my name if they decided to turn evil.
Um, if the war is still on, this "someone" would likely have their plane shot down in short order.
Dumps all received data to /dev/lp0, perhaps?
You don't think it's reasonable to parse it as "cruel punishment and unusual punishment"?
There are 11 types of people: those who can count in binary, and those who can't.
But that's true of any orthonormal basis in a Hilbert space. Can't you come up with something deeper?
(Caution, math humor ahead)
nothing can be created by something less perfect than it is. something [known as i] exists therefor something perfect exists, [by induction]. you start the argument with not-god, and you end with god.
Well, you can't quite use induction, because the chain of increasingly perfect things between i and god may not be finite. So even if you can always find something more perfect, you may not ever reach the most perfect element in a finite number of steps. Moreover, it is not the case that, given any pair of things, one of them created the other. So the axiom (if a created b, then a is more perfect than b) doesn't give us that "more perfect than" is a total ordering, only a partial ordering. So there isn't necessarily a single chain to follow.
However, we can still get the conclusion if we're willing to assume a little more. Suppose that any set of things which is totally ordered under "more perfect than" (i.e. given any pair of elements, one is known to be more perfect than the other) has a "most perfect" element. This seems like a reasonable assumption: when you do have a chain of things which created one another, it is plausible that one may have (indirectly) created all the others. In this case, we can apply Zorn's lemma (equivalent to the axiom of choice). Now the set of all things has a most perfect element, which we may call god.
So the axiom of choice implies the existence of God!
For future research: prove the converse. Then the axiom of choice will be equivalent to the existence of God. That should add a little excitement to the dry field of set theory. It will also reduce the mathematical question of whether to accept the axiom to the corresponding theological question, and vice versa, so you can answer both at once.
Your other argument has a little problem, though. : "god is the collection of ideas, motivations and actions of those who believe in it". Presumably God believes in God, and has an idea of God, and therefore God is contained in Itself. When you allow sets to contain themselves, you run straight into Russell's paradox (consider the set of all sets not containing themselves: does it contain itself?) There's a reason why the Z-F axioms of set theory forbid this. So that's probably not a good definition for God. It also doesn't imply uniqueness. (If distinct sets of people believe in distinct Gods, then such distinct Gods will exist. And some of them, perhaps even all, may be quite small).
What is KD, anyhow?
But notice he needs 32Ah at 240V. Your battery is presumably at 12V; you will need 240/12*32=640 Ah of capacity. So 6 of those batteries, in parallel. Perhaps more to compensate for inefficiencies in the inverter.
It's not new. Years ago, when prescribed antibiotics, I was advised to eat yogurt. Yogurt, of course (real yogurt, not that sugary slime sold by Dannon et al) is full of beneficial live bacteria, which is supposed to help replace the intestinal bacteria killed by the antibiotics. This in turn was supposed to help avoid some of the intestinal side effects of antibiotics, such as diarrhea.
Now, I don't know whether the bacteria in yogurt actually help replace those in the gut, or whether yogurt contains enough bacteria to make a difference. But at least the idea was there.
So what's the downside?
Going to the police wouldn't do anything as they would be more concerned with catching murderers and rapists than returning somebody's momentos.
I disagree. Sure, they probably won't try very hard (or at all) to track down the person who lost it. However, they should at least keep it. Then when the person discovers they lost it, they could call the police and get it back. After all, the police are (as someone else posted) the people who are supposed to take charge of such items, so if the owner wants it back, the police are who they should call.
Now people have the potential to create hydrogen on a vast scale far away from any place that might have political fallout.
And how is this different from creating electricty on a vast scale far away from any place that might have political fallout? We can run electric transmission lines probably as easily as hydrogen pipelines, but that hasn't solved the issues (political and otherwise) with nuclear power. The problems are bigger than location.
There is one thing I always wonder that nobody ever mentions. Nuclear (fission) power usually starts with uranium, right? Just how much uranium do we have? If we were to generate all the US's electricity by fission, how long would our uranium supplies last? When domestic supplies run low, or become hard to extract, we'll have to import (causing economic and political problems -- where will be the Middle East of uranium? who will get to be in OUEC?) and/or raise energy prices again. And when the whole world runs low, well, either we figure out something new (if we're lucky) or we start fighting wars over what's left.
Like fossil fuels, it's still an exhaustible resource. The only question is, when will it be exhausted?